| Age | Commit message (Collapse) | Author |
|---|
|
pam_fscrypt is crashing with a segfault in copyIntoSecret() when using
Ctrl-C to interrupt a 'sudo' prompt. It is dereferencing a NULL pointer
that is supposed point to the PAM_AUTHTOK item. The problem is that the
Go code assumes pam_get_item() returns a non-success status if the item
is unset, when actually it sets the data pointer to NULL and returns
PAM_SUCCESS.
Fix it by making pam.Handle.GetItem() return an error in that case.
|
|
Running "go vet -shadow ./..." finds all places where a variable might
be incorrectly or unnecessarily shadowed. This fixes some of them.
|
|
|
|
Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.
|
|
This was creating an issue becasuse fully dropping privileges required
spawning a goroutine and using rutime.DropOSThread().
|
|
The functions are now changed to (Start|Stop)AsPamUser to indicate that
they handle privilege modification and keyring setup.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This commit provides a Go interface to the PAM functions.
|
